org.apache.cxf.helpers.CastUtils Java Examples
The following examples show how to use
org.apache.cxf.helpers.CastUtils.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: AbstractPolicySecurityTest.java From steady with Apache License 2.0 | 6 votes |
|
protected void verifyWss4jEncResults(SoapMessage inmsg) {
//
// There should be exactly 1 (WSS4J) HandlerResult
//
final List<WSHandlerResult> handlerResults =
CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
assertNotNull(handlerResults);
assertSame(handlerResults.size(), 1);
List<WSSecurityEngineResult> protectionResults = new Vector<WSSecurityEngineResult>();
WSSecurityUtil.fetchAllActionResults(handlerResults.get(0).getResults(),
WSConstants.ENCR, protectionResults);
assertNotNull(protectionResults);
//
// This result should contain a reference to the decrypted element
//
final Map<String, Object> result = protectionResults
.get(0);
final List<WSDataRef> protectedElements =
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
assertNotNull(protectedElements);
}
Example #2
| Source File: KerberosTokenInterceptorProvider.java From steady with Apache License 2.0 | 6 votes |
|
public void handleMessage(Message message) throws Fault {
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
// extract Assertion information
if (aim != null) {
Collection<AssertionInfo> ais = aim.get(SP12Constants.KERBEROS_TOKEN);
if (ais == null) {
return;
}
if (!isRequestor(message)) {
List<WSHandlerResult> results =
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
if (results != null && results.size() > 0) {
parseHandlerResults(results.get(0), message, aim);
}
} else {
//client side should be checked on the way out
for (AssertionInfo ai : ais) {
ai.setAsserted(true);
}
}
}
}
Example #3
| Source File: AbstractBindingPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Check to see if encryption was applied before signature.
* Note that results are stored in the reverse order.
*/
private boolean isEncryptedBeforeSigned(List<WSSecurityEngineResult> results) {
boolean encrypted = false;
for (WSSecurityEngineResult result : results) {
Integer actInt = (Integer)result.get(WSSecurityEngineResult.TAG_ACTION);
List<WSDataRef> el =
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
if (actInt.intValue() == WSConstants.ENCR && el != null) {
encrypted = true;
}
// Don't count an endorsing signature
if (actInt.intValue() == WSConstants.SIGN && el != null
&& !(el.size() == 1 && el.get(0).getName().equals(SIG_QNAME))) {
if (encrypted) {
return true;
}
return false;
}
}
return false;
}
Example #4
| Source File: AbstractSupportingTokenPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Check that an Element is signed or encrypted by one of the token results
*/
private boolean checkProtectionResult(
Element elementToProtect,
boolean content,
List<WSSecurityEngineResult> protResults,
List<WSSecurityEngineResult> tokenResults
) {
for (WSSecurityEngineResult result : protResults) {
List<WSDataRef> dataRefs =
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
if (dataRefs != null) {
for (WSDataRef dataRef : dataRefs) {
if (elementToProtect == dataRef.getProtectedElement()
&& content == dataRef.isContent()
&& checkSignatureOrEncryptionResult(result, tokenResults)) {
return true;
}
}
}
}
return false;
}
Example #5
| Source File: AbstractBindingPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Check to see if a signature was applied before encryption.
* Note that results are stored in the reverse order.
*/
private boolean isSignedBeforeEncrypted(List<WSSecurityEngineResult> results) {
boolean signed = false;
for (WSSecurityEngineResult result : results) {
Integer actInt = (Integer)result.get(WSSecurityEngineResult.TAG_ACTION);
List<WSDataRef> el =
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
// Don't count an endorsing signature
if (actInt.intValue() == WSConstants.SIGN && el != null
&& !(el.size() == 1 && el.get(0).getName().equals(SIG_QNAME))) {
signed = true;
}
if (actInt.intValue() == WSConstants.ENCR && el != null) {
if (signed) {
return true;
}
return false;
}
}
return false;
}
Example #6
| Source File: AbstractSupportingTokenPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Return true if the Signature is itself signed by one of the token results
* @param tokenResults A list of WSSecurityEngineResults corresponding to tokens
* @return true if the Signature is itself signed
*/
private boolean checkSignatureIsSigned(List<WSSecurityEngineResult> tokenResults) {
for (WSSecurityEngineResult signedResult : signedResults) {
List<WSDataRef> sl =
CastUtils.cast((List<?>)signedResult.get(
WSSecurityEngineResult.TAG_DATA_REF_URIS
));
if (sl != null && sl.size() == 1) {
for (WSDataRef dataRef : sl) {
QName signedQName = dataRef.getName();
if (WSSecurityEngine.SIGNATURE.equals(signedQName)
&& checkSignatureOrEncryptionResult(signedResult, tokenResults)) {
return true;
}
}
}
}
return false;
}
Example #7
| Source File: AbstractBindingPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Check to see if a signature was applied before encryption.
* Note that results are stored in the reverse order.
*/
private boolean isSignedBeforeEncrypted(List<WSSecurityEngineResult> results) {
boolean signed = false;
for (WSSecurityEngineResult result : results) {
Integer actInt = (Integer)result.get(WSSecurityEngineResult.TAG_ACTION);
List<WSDataRef> el =
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
// Don't count an endorsing signature
if (actInt.intValue() == WSConstants.SIGN && el != null
&& !(el.size() == 1 && el.get(0).getName().equals(SIG_QNAME))) {
signed = true;
}
if (actInt.intValue() == WSConstants.ENCR && el != null) {
if (signed) {
return true;
}
return false;
}
}
return false;
}
Example #8
| Source File: IssuedTokenInterceptorProvider.java From steady with Apache License 2.0 | 6 votes |
|
public void handleMessage(Message message) throws Fault {
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
// extract Assertion information
if (aim != null) {
Collection<AssertionInfo> ais = aim.get(SP12Constants.ISSUED_TOKEN);
if (ais == null) {
return;
}
if (!isRequestor(message)) {
List<WSHandlerResult> results =
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
if (results != null && results.size() > 0) {
parseHandlerResults(results.get(0), message, aim);
}
} else {
//client side should be checked on the way out
for (AssertionInfo ai : ais) {
ai.setAsserted(true);
}
}
}
}
Example #9
| Source File: AbstractSupportingTokenPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Return true if a token was encrypted, false otherwise.
*/
private boolean isTokenEncrypted(Element token) {
for (WSSecurityEngineResult signedResult : encryptedResults) {
List<WSDataRef> dataRefs =
CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
if (dataRefs == null) {
return false;
}
for (WSDataRef dataRef : dataRefs) {
if (token == dataRef.getProtectedElement()) {
return true;
}
}
}
return false;
}
Example #10
| Source File: AbstractBindingPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Validate the entire header and body signature property.
*/
protected boolean validateEntireHeaderAndBodySignatures(
List<WSSecurityEngineResult> signedResults
) {
for (WSSecurityEngineResult signedResult : signedResults) {
List<WSDataRef> dataRefs =
CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
for (WSDataRef dataRef : dataRefs) {
String xpath = dataRef.getXpath();
if (xpath != null) {
String[] nodes = StringUtils.split(xpath, "/");
// envelope/Body || envelope/Header/header || envelope/Header/wsse:Security/header
if (nodes.length == 5 && nodes[3].contains("Security")) {
continue;
} else if (nodes.length < 3 || nodes.length > 4) {
return false;
}
}
}
}
return true;
}
Example #11
| Source File: AbstractBindingPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Check to see if a signature was applied before encryption.
* Note that results are stored in the reverse order.
*/
private boolean isSignedBeforeEncrypted(List<WSSecurityEngineResult> results) {
boolean signed = false;
for (WSSecurityEngineResult result : results) {
Integer actInt = (Integer)result.get(WSSecurityEngineResult.TAG_ACTION);
List<WSDataRef> el =
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
// Don't count an endorsing signature
if (actInt.intValue() == WSConstants.SIGN && el != null
&& !(el.size() == 1 && el.get(0).getName().equals(SIG_QNAME))) {
signed = true;
}
if (actInt.intValue() == WSConstants.ENCR && el != null) {
if (signed) {
return true;
}
return false;
}
}
return false;
}
Example #12
| Source File: AbstractSupportingTokenPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Return true if the Timestamp is signed by one of the token results
* @param tokenResults A list of WSSecurityEngineResults corresponding to tokens
* @return true if the Timestamp is signed
*/
private boolean checkTimestampIsSigned(List<WSSecurityEngineResult> tokenResults) {
for (WSSecurityEngineResult signedResult : signedResults) {
List<WSDataRef> sl =
CastUtils.cast((List<?>)signedResult.get(
WSSecurityEngineResult.TAG_DATA_REF_URIS
));
if (sl != null) {
for (WSDataRef dataRef : sl) {
if (timestamp == dataRef.getProtectedElement()
&& checkSignatureOrEncryptionResult(signedResult, tokenResults)) {
return true;
}
}
}
}
return false;
}
Example #13
| Source File: AbstractSupportingTokenPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Return true if the Timestamp is signed by one of the token results
* @param tokenResults A list of WSSecurityEngineResults corresponding to tokens
* @return true if the Timestamp is signed
*/
private boolean checkTimestampIsSigned(List<WSSecurityEngineResult> tokenResults) {
for (WSSecurityEngineResult signedResult : signedResults) {
List<WSDataRef> sl =
CastUtils.cast((List<?>)signedResult.get(
WSSecurityEngineResult.TAG_DATA_REF_URIS
));
if (sl != null) {
for (WSDataRef dataRef : sl) {
if (timestamp == dataRef.getProtectedElement()
&& checkSignatureOrEncryptionResult(signedResult, tokenResults)) {
return true;
}
}
}
}
return false;
}
Example #14
| Source File: AbstractSupportingTokenPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Check that an Element is signed or encrypted by one of the token results
*/
private boolean checkProtectionResult(
Element elementToProtect,
boolean content,
List<WSSecurityEngineResult> protResults,
List<WSSecurityEngineResult> tokenResults
) {
for (WSSecurityEngineResult result : protResults) {
List<WSDataRef> dataRefs =
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
if (dataRefs != null) {
for (WSDataRef dataRef : dataRefs) {
if (elementToProtect == dataRef.getProtectedElement()
&& content == dataRef.isContent()
&& checkSignatureOrEncryptionResult(result, tokenResults)) {
return true;
}
}
}
}
return false;
}
Example #15
| Source File: AbstractBindingPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Validate the entire header and body signature property.
*/
protected boolean validateEntireHeaderAndBodySignatures(
List<WSSecurityEngineResult> signedResults
) {
for (WSSecurityEngineResult signedResult : signedResults) {
List<WSDataRef> dataRefs =
CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
for (WSDataRef dataRef : dataRefs) {
String xpath = dataRef.getXpath();
if (xpath != null) {
String[] nodes = StringUtils.split(xpath, "/");
// envelope/Body || envelope/Header/header || envelope/Header/wsse:Security/header
if (nodes.length == 5 && nodes[3].contains("Security")) {
continue;
} else if (nodes.length < 3 || nodes.length > 4) {
return false;
}
}
}
}
return true;
}
Example #16
| Source File: AbstractBindingPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Return true if the given id was encrypted
*/
private boolean isIdEncrypted(String sigId, List<WSSecurityEngineResult> results) {
for (WSSecurityEngineResult wser : results) {
Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
if (actInt.intValue() == WSConstants.ENCR) {
List<WSDataRef> el =
CastUtils.cast((List<?>)wser.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
if (el != null) {
for (WSDataRef r : el) {
Element protectedElement = r.getProtectedElement();
if (protectedElement != null) {
String id = protectedElement.getAttribute("Id");
String wsuId = protectedElement.getAttributeNS(WSConstants.WSU_NS, "Id");
if (sigId.equals(id) || sigId.equals(wsuId)) {
return true;
}
}
}
}
}
}
return false;
}
Example #17
| Source File: AbstractBindingPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Validate the entire header and body signature property.
*/
protected boolean validateEntireHeaderAndBodySignatures(
List<WSSecurityEngineResult> signedResults
) {
for (WSSecurityEngineResult signedResult : signedResults) {
List<WSDataRef> dataRefs =
CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
for (WSDataRef dataRef : dataRefs) {
String xpath = dataRef.getXpath();
if (xpath != null) {
String[] nodes = StringUtils.split(xpath, "/");
// envelope/Body || envelope/Header/header || envelope/Header/wsse:Security/header
if (nodes.length == 5 && nodes[3].contains("Security")) {
continue;
} else if (nodes.length < 3 || nodes.length > 4) {
return false;
}
}
}
}
return true;
}
Example #18
| Source File: KerberosTokenInterceptorProvider.java From steady with Apache License 2.0 | 6 votes |
|
public void handleMessage(Message message) throws Fault {
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
// extract Assertion information
if (aim != null) {
Collection<AssertionInfo> ais = aim.get(SP12Constants.KERBEROS_TOKEN);
if (ais == null) {
return;
}
if (!isRequestor(message)) {
List<WSHandlerResult> results =
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
if (results != null && results.size() > 0) {
parseHandlerResults(results.get(0), message, aim);
}
} else {
//client side should be checked on the way out
for (AssertionInfo ai : ais) {
ai.setAsserted(true);
}
}
}
}
Example #19
| Source File: KerberosTokenInterceptorProvider.java From steady with Apache License 2.0 | 6 votes |
|
public void handleMessage(Message message) throws Fault {
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
// extract Assertion information
if (aim != null) {
Collection<AssertionInfo> ais = aim.get(SP12Constants.KERBEROS_TOKEN);
if (ais == null) {
return;
}
if (!isRequestor(message)) {
List<WSHandlerResult> results =
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
if (results != null && results.size() > 0) {
parseHandlerResults(results.get(0), message, aim);
}
} else {
//client side should be checked on the way out
for (AssertionInfo ai : ais) {
ai.setAsserted(true);
}
}
}
}
Example #20
| Source File: IssuedTokenInterceptorProvider.java From steady with Apache License 2.0 | 6 votes |
|
public void handleMessage(Message message) throws Fault {
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
// extract Assertion information
if (aim != null) {
Collection<AssertionInfo> ais = aim.get(SP12Constants.ISSUED_TOKEN);
if (ais == null) {
return;
}
if (!isRequestor(message)) {
List<WSHandlerResult> results =
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
if (results != null && results.size() > 0) {
parseHandlerResults(results.get(0), message, aim);
}
} else {
//client side should be checked on the way out
for (AssertionInfo ai : ais) {
ai.setAsserted(true);
}
}
}
}
Example #21
| Source File: AbstractSupportingTokenPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Return true if the Signature is itself signed by one of the token results
* @param tokenResults A list of WSSecurityEngineResults corresponding to tokens
* @return true if the Signature is itself signed
*/
private boolean checkSignatureIsSigned(List<WSSecurityEngineResult> tokenResults) {
for (WSSecurityEngineResult signedResult : signedResults) {
List<WSDataRef> sl =
CastUtils.cast((List<?>)signedResult.get(
WSSecurityEngineResult.TAG_DATA_REF_URIS
));
if (sl != null && sl.size() == 1) {
for (WSDataRef dataRef : sl) {
QName signedQName = dataRef.getName();
if (WSSecurityEngine.SIGNATURE.equals(signedQName)
&& checkSignatureOrEncryptionResult(signedResult, tokenResults)) {
return true;
}
}
}
}
return false;
}
Example #22
| Source File: AbstractSupportingTokenPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Return true if the Signature is itself signed by one of the token results
* @param tokenResults A list of WSSecurityEngineResults corresponding to tokens
* @return true if the Signature is itself signed
*/
private boolean checkSignatureIsSigned(List<WSSecurityEngineResult> tokenResults) {
for (WSSecurityEngineResult signedResult : signedResults) {
List<WSDataRef> sl =
CastUtils.cast((List<?>)signedResult.get(
WSSecurityEngineResult.TAG_DATA_REF_URIS
));
if (sl != null && sl.size() == 1) {
for (WSDataRef dataRef : sl) {
QName signedQName = dataRef.getName();
if (WSSecurityEngine.SIGNATURE.equals(signedQName)
&& checkSignatureOrEncryptionResult(signedResult, tokenResults)) {
return true;
}
}
}
}
return false;
}
Example #23
| Source File: AbstractBindingPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Return true if the given id was encrypted
*/
private boolean isIdEncrypted(String sigId, List<WSSecurityEngineResult> results) {
for (WSSecurityEngineResult wser : results) {
Integer actInt = (Integer)wser.get(WSSecurityEngineResult.TAG_ACTION);
if (actInt.intValue() == WSConstants.ENCR) {
List<WSDataRef> el =
CastUtils.cast((List<?>)wser.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
if (el != null) {
for (WSDataRef r : el) {
Element protectedElement = r.getProtectedElement();
if (protectedElement != null) {
String id = protectedElement.getAttribute("Id");
String wsuId = protectedElement.getAttributeNS(WSConstants.WSU_NS, "Id");
if (sigId.equals(id) || sigId.equals(wsuId)) {
return true;
}
}
}
}
}
}
return false;
}
Example #24
| Source File: AbstractSupportingTokenPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Return true if the Timestamp is signed by one of the token results
* @param tokenResults A list of WSSecurityEngineResults corresponding to tokens
* @return true if the Timestamp is signed
*/
private boolean checkTimestampIsSigned(List<WSSecurityEngineResult> tokenResults) {
for (WSSecurityEngineResult signedResult : signedResults) {
List<WSDataRef> sl =
CastUtils.cast((List<?>)signedResult.get(
WSSecurityEngineResult.TAG_DATA_REF_URIS
));
if (sl != null) {
for (WSDataRef dataRef : sl) {
if (timestamp == dataRef.getProtectedElement()
&& checkSignatureOrEncryptionResult(signedResult, tokenResults)) {
return true;
}
}
}
}
return false;
}
Example #25
| Source File: AbstractSupportingTokenPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Check that an Element is signed or encrypted by one of the token results
*/
private boolean checkProtectionResult(
Element elementToProtect,
boolean content,
List<WSSecurityEngineResult> protResults,
List<WSSecurityEngineResult> tokenResults
) {
for (WSSecurityEngineResult result : protResults) {
List<WSDataRef> dataRefs =
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
if (dataRefs != null) {
for (WSDataRef dataRef : dataRefs) {
if (elementToProtect == dataRef.getProtectedElement()
&& content == dataRef.isContent()
&& checkSignatureOrEncryptionResult(result, tokenResults)) {
return true;
}
}
}
}
return false;
}
Example #26
| Source File: AbstractSupportingTokenPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Return true if a token was encrypted, false otherwise.
*/
private boolean isTokenEncrypted(Element token) {
for (WSSecurityEngineResult signedResult : encryptedResults) {
List<WSDataRef> dataRefs =
CastUtils.cast((List<?>)signedResult.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
if (dataRefs == null) {
return false;
}
for (WSDataRef dataRef : dataRefs) {
if (token == dataRef.getProtectedElement()) {
return true;
}
}
}
return false;
}
Example #27
| Source File: WSS4JInInterceptor.java From steady with Apache License 2.0 | 6 votes |
|
public WSS4JInInterceptor(Map<String, Object> properties) {
this();
setProperties(properties);
final Map<QName, Object> processorMap = CastUtils.cast(
(Map<?, ?>)properties.get(PROCESSOR_MAP));
final Map<QName, Object> validatorMap = CastUtils.cast(
(Map<?, ?>)properties.get(VALIDATOR_MAP));
if (processorMap != null) {
if (validatorMap != null) {
processorMap.putAll(validatorMap);
}
secEngineOverride = createSecurityEngine(processorMap);
} else if (validatorMap != null) {
secEngineOverride = createSecurityEngine(validatorMap);
}
}
Example #28
| Source File: AbstractPolicySecurityTest.java From steady with Apache License 2.0 | 6 votes |
|
protected void verifyWss4jEncResults(SoapMessage inmsg) {
//
// There should be exactly 1 (WSS4J) HandlerResult
//
final List<WSHandlerResult> handlerResults =
CastUtils.cast((List<?>)inmsg.get(WSHandlerConstants.RECV_RESULTS));
assertNotNull(handlerResults);
assertSame(handlerResults.size(), 1);
List<WSSecurityEngineResult> protectionResults = new Vector<WSSecurityEngineResult>();
WSSecurityUtil.fetchAllActionResults(handlerResults.get(0).getResults(),
WSConstants.ENCR, protectionResults);
assertNotNull(protectionResults);
//
// This result should contain a reference to the decrypted element
//
final Map<String, Object> result = protectionResults
.get(0);
final List<WSDataRef> protectedElements =
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
assertNotNull(protectedElements);
}
Example #29
| Source File: AbstractSupportingTokenPolicyValidator.java From steady with Apache License 2.0 | 6 votes |
|
/**
* Check that an Element is signed or encrypted by one of the token results
*/
private boolean checkProtectionResult(
Element elementToProtect,
boolean content,
List<WSSecurityEngineResult> protResults,
List<WSSecurityEngineResult> tokenResults
) {
for (WSSecurityEngineResult result : protResults) {
List<WSDataRef> dataRefs =
CastUtils.cast((List<?>)result.get(WSSecurityEngineResult.TAG_DATA_REF_URIS));
if (dataRefs != null) {
for (WSDataRef dataRef : dataRefs) {
if (elementToProtect == dataRef.getProtectedElement()
&& content == dataRef.isContent()
&& checkSignatureOrEncryptionResult(result, tokenResults)) {
return true;
}
}
}
}
return false;
}
Example #30
| Source File: KerberosTokenInterceptorProvider.java From steady with Apache License 2.0 | 6 votes |
|
public void handleMessage(Message message) throws Fault {
AssertionInfoMap aim = message.get(AssertionInfoMap.class);
// extract Assertion information
if (aim != null) {
Collection<AssertionInfo> ais = aim.get(SP12Constants.KERBEROS_TOKEN);
if (ais == null) {
return;
}
if (!isRequestor(message)) {
List<WSHandlerResult> results =
CastUtils.cast((List<?>)message.get(WSHandlerConstants.RECV_RESULTS));
if (results != null && results.size() > 0) {
parseHandlerResults(results.get(0), message, aim);
}
} else {
//client side should be checked on the way out
for (AssertionInfo ai : ais) {
ai.setAsserted(true);
}
}
}
}
